[ISN] U.S. Army Goes Bot Hunting

From: InfoSec News <alerts_at_private>
Date: Thu, 27 Nov 2008 01:45:43 -0600 (CST)

By Thomas Claburn
November 26, 2008 

Most people whose computers have been turned into bots and linked to a 
botnet have no idea that their machines have been commandeered by 
cybercriminals. Their PCs send spam, steal information, and participate 
in denial-of-service attacks without any obvious sign.

But new software, funded by a grant from the U.S. Army Research Office 
and developed by SRI International, promises to provide users with more 
insight into what their computers are doing.

BotHunter, announced on Monday, is a free malware-detection application 
for Mac OS X, Linux/Unix, and Windows that monitors network activity. 
Unlike intrusion detection system (IDS) tools that scan only incoming 
data, BotHunter looks for patterns that indicate malware activity in 
both incoming and outgoing data.

"We do a lot of inbound egress monitoring," said Phillip Porras, SRI 
program director of enterprise and infrastructure security and lead 
developer of the BotHunter project. "BotHunter really flips that 
paradigm around."


Help InfoSecNews.org with a donation!
Received on Wed Nov 26 2008 - 23:45:43 PST

This archive was generated by hypermail 2.2.0 : Wed Nov 26 2008 - 23:59:37 PST